Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2023-11-28 15:41:00 |
THREAT ALERT: DJvu Variant Delivered by Loader Masquerading as Freeware (direct link) |
|
|
|
|
 |
2023-11-27 16:07:26 |
2024 Cybersecurity Predictions - Generative AI Reshapes Cybersecurity (direct link) |
I can't believe another year has flown by, but wow what a year it's been! I suspect many of us saw smartphones and the cloud as the biggest transformations of our generation, but the reality is that these have been gazumped by the introduction of generative AI. |
Prediction
|
|
★★
|
 |
2023-11-20 18:11:31 |
THREAT ALERT: INC Ransomware (direct link) |
|
Ransomware
Threat
|
|
★★★
|
 |
2023-10-25 13:30:00 |
EU Network Information Security (direct link) |
|
|
|
★★
|
 |
2023-10-24 13:00:00 |
2023 Extended Detection & Response (XDR) Buyer's Guide (direct link) |
|
|
|
★★
|
 |
2023-10-23 14:03:56 |
NOT all EPP Security is the Same - Changing the Guard! (direct link) |
When I started in anti-virus back in 1991, the solution was simple: find a unique identifier to detect the malware, then you could block it and, if needed, instigate the right programmatic steps to recover. Alan Solomon would say it's a math problem, we have the solution, and we can scale it infinitely. However, over the years the threats, the solutions and the environments we deploy them into have become ever more complex. We have moved from file viruses that were one simple object to complex, multifaceted ransomware attacks made up of hundreds of elements. Just as an example, if you look at the latest MITRE testing, it used Turla, which is made up of 143 objects (indicators & behaviors linked to the attack). |
Ransomware
|
|
★★★
|
 |
2023-10-06 17:53:23 |
THREAT ANALYSIS: Taking Shortcuts… Using LNK Files for Initial Infection and Persistence (direct link) |
|
Threat
|
|
★★★
|
 |
2023-09-20 13:10:48 |
Cybereason Sets the New Industry Standard in 2023 MITRE ATT&CK Evaluations: Enterprise (direct link) |
Fresh off the press: the results of the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise have been published, putting 30 security solutions to the test in real-world scenarios that mimic the Turla threat actor. |
Threat
|
|
★★
|
 |
2023-09-13 14:47:38 |
The Cybersecurity Capability the Industry Nearly Forgot (direct link) |
When I started in cybersecurity back in the early 90's, entire cyber security capabilities were just a couple of MB in size and would fit on a couple of floppy disks. Today, many cyber security capabilities are so big and complex that they rely on cloud computing, either for processing speed or for the ability to leverage large data sets used, for example, with Machine Learning as part of the detection and response capabilities. |
Cloud
|
|
★★
|
 |
2023-08-22 20:24:00 |
Malicious Life Podcast: Is Generative AI Dangerous? (direct link) |
Every so often, the entire landscape of cybersecurity shifts, all at once: the latest seismic shift in the field occurred just last year. So in this episode of Malicious Life we're going to take a look into the future of cybersecurity: at how generative AI like ChatGPT will change cyberspace, through the eyes of five research teams breaking ground in the field. We'll start off simple, and gradually build to increasingly more complex, more futuristic examples of how this technology might well turn against us, forcing us to solve problems we'd never considered before. – check it out... |
|
ChatGPT
|
★★
|
 |
2023-08-21 20:45:00 |
THREAT ANALYSIS: Assemble LockBit 3.0 (direct link) |
|
Threat
|
|
★★
|
 |
2023-08-09 13:00:00 |
Extend Cloud Detection and Response with Sysdig and Cybereason (direct link) |
|
Cloud
|
|
★★
|
 |
2023-08-08 16:36:00 |
Malicious Life Podcast: Why aren't there more bug bounty programs? (direct link) |
|
|
|
★★
|
 |
2023-07-07 14:20:36 |
Cybereason's New Unified MalOp Dashboard (direct link) |
Cybereason is excited to announce a new unified MalOp Dashboard
As cyber threats continue to evolve, Security Operations Center (SOC) teams face immense challenges in protecting their organizations. To be successful, a SOC needs not only the right technology but also effective leverage of people and processes. To help SOC teams stay ahead of the curve, Cybereason introduces a unified dashboard designed to provide additional insights into emerging threats and operational metrics, and to provide insights to continuously improve SOC processes and procedures. |
|
|
★★
|
 |
2023-06-21 13:39:09 |
XDR in 2023: Cybersecurity's Knight or Another Castle in the Cloud? (direct link) |
3 Key Questions when Investing in XDR offerings
In today's cybersecurity landscape, security teams are in dire need of a unified detection and response platform. However, even with the advent of XDR, the outcomes often fall short of expectations. We strive for effective prevention, attack emulation, improvement, and positive ROI reporting. No doubt, the realm of remote engineering adds complexity, making it crucial to protect our employees and data, and to maintain uptime. Against a backdrop of mounting business pressures, we need to understand how XDR can help with vendor consolidation and Managed Detection and Response. |
|
|
★★★
|
 |
2023-05-03 16:20:43 |
XDR Foundations: Eliminating Fragmented Cybersecurity Data (direct link) |
|
|
|
★★
|
 |
2023-05-01 18:33:48 |
XDR Foundations: Leveraging AI Where it Matters Most (direct link) |
|
|
|
★★
|
 |
2023-04-26 14:16:20 |
Cybereason Announces Unified Threat Hunting and Investigation (direct link) |
Cybereason is excited to announce a significant development in its approach to storing long-term hunting data (telemetry collected by our sensors, not 'benign data' detected by and linked to a malicious operation, or |
Threat
|
|
★★
|
 |
2023-04-18 14:58:36 |
All Things Cybereason at 2023 RSA Conference (direct link) |
|
Conference
|
|
★★
|
 |
2023-04-03 13:40:01 |
Cybereason Secures $100M Funding, Appoints New CEO (direct link) |
|
|
|
★★
|
 |
2023-03-31 15:08:17 |
Cybereason Detects and Prevents 3CXDesktopApp Supply Chain Attack (direct link) |
|
|
|
★★
|
 |
2023-03-15 11:30:00 |
5 Steps to More Effective Ransomware Response (direct link) |
|
Ransomware
|
|
★★★
|
 |
2023-03-14 10:00:00 |
New Study: Ransomware Driving SOC Modernization Requirements (direct link) |
|
Ransomware
|
|
★★★
|
 |
2023-03-09 15:20:53 |
Visibility, Response, and Private Infrastructure Protection: Why Cybereason is a 2022 Gartner® Magic Quadrant™ Leader (direct link) |
|
Guideline
|
|
★★
|
 |
2023-03-08 12:58:50 |
U.S. National Cybersecurity: Strategy at an Inflection Point (direct link) |
The Biden administration issued a new cybersecurity strategy last week that has many observers applauding its emphasis on regulating minimum cybersecurity standards and enforcing so-called secure by design development practices, among other things. |
General Information
|
|
★★
|
 |
2023-03-03 13:00:00 |
Variant Payload Prevention: Applying Data Science to Stop the Stealthiest Threats (direct link) |
|
|
|
★★
|
 |
2023-02-28 13:04:02 |
Cybereason Named a Leader in 2022 Gartner® Magic Quadrant™ for Endpoint Protection Platforms (direct link) |
|
Guideline
|
|
★★
|
 |
2023-02-23 21:33:59 |
New Studies Paint Bleak Picture of Future SOC Effectiveness (direct link) |
|
Studies
|
|
★★★
|
 |
2023-02-14 19:20:18 |
Ransomware Shifting to the Cloud (direct link) |
In the last few years, ransomware attacks have grown considerably. With 75% of organizations being attacked, it seems likely that we'll see a saturation point soon. And attackers have not been resting on their laurels. On the contrary, they have continued to evolve ransomware and are already in the fourth generation of this malicious software. |
Ransomware
|
|
★★
|
 |
2023-02-07 18:17:40 |
THREAT ALERT: GootLoader - SEO Poisoning and Large Payloads Leading to Compromise (direct link) |
The Cybereason Incident Response (IR) team investigated an incident which involved new deployment methods of GootLoader through heavily obfuscated JavaScript files. In addition to the new techniques used to load GootLoader, Cybereason also observed Cobalt Strike deployment, which leveraged DLL Hijacking, on top of a VLC MediaPlayer executable.
|
Threat
Guideline
|
|
★★★
|
 |
2023-02-06 17:41:48 |
Cybereason advances prevention, data collection, investigation, and management capabilities (direct link) |
|
General Information
|
|
★★★
|
 |
2023-01-31 18:19:20 |
You Should Be Afraid of SIM Swaps (direct link) |
If SIM swap stories ever make the news, almost uniformly, they focus on people who lost a lot of money. But SIM swaps also take a psychological toll. Getting cut off from the grid all of a sudden, not knowing why, not being able to call for help. Even when it's over, you never know if your attackers -- whoever they are -- will come back again.
|
|
|
★★★
|
 |
2023-01-24 15:17:03 |
FBI vs. REvil [ML BSide] (direct link) |
|
|
|
★★★★★
|
 |
2023-01-20 17:11:49 |
Cyberbunker, Part 2 (direct link) |
Spamhaus's decision to add Cyberbunker to its list of Spam sources led the Stophaus coalition to initiate a DDoS attack later dubbed “The attack that almost broke the Internet.” The fallout from this attack led to Cyberbunker relocating to a bunker in Germany - but it was the involvement of an Irish drug lord known as 'The Penguin' that led to the bullet-proof hosting company's downfall.
|
Spam
|
|
★★
|
 |
2023-01-19 14:00:00 |
7 Requirements for a Successful XDR Strategy (direct link) |
|
|
|
★★
|
 |
2023-01-19 13:00:00 |
Sliver C2 Leveraged by Many Threat Actors (direct link) |
What you need to know about this attack framework before it replaces Cobalt Strike
|
Threat
|
|
★★★★★
|
 |
2023-01-17 15:21:04 |
RSA Conference 2023 Promises New Concepts, Diversity of Ideas (direct link) |
The new year is always a time to reflect on what's coming next. As part of the RSA Conference program committee (having worked on the Hackers & Threats track for a number of years), I'm very privileged to see everyone's perspectives. This year I'm happy to report there was a significant growth in the number of submissions suggesting that the collective is starting to look beyond Covid, which definitely hampered the volume and creativity of solutions in recent years. |
|
|
★★
|
 |
2023-01-11 19:45:06 |
Cyberbunker, Part 1 (direct link) |
Sven Kamphuis and Herman Johan Xennt are quite dissimilar: one is young, the other is old, one is a Freedom Fighter, the other a businessman. In 1996, their unlikely partnership coalesced around a mutual deep hatred towards authority - and around a very unusual building: a Cold-War era nuclear bunker.
|
|
|
★★
|
 |
2023-01-10 12:00:00 |
THREAT ANALYSIS: From IcedID to Domain Compromise (direct link) |
BACKGROUND
In this Threat Analysis report, the Cybereason team investigates a recent IcedID infection that illustrates the tactics, techniques, and procedures (TTPs) used in a recent campaign. IcedID, also known as BokBot, is traditionally known as a banking trojan used to steal financial information from its victims. It has been around since at least 2017 and has been tied to the threat group TA551. |
Threat
|
|
★★★★
|
 |
2023-01-09 18:47:58 |
MITRE ATT&CK and the Art of Building Better Defenses (direct link) |
MITRE's Adversarial Tactics, Techniques, and Common Knowledge (MITRE ATT&CK) is a critical tool for security practitioners seeking to understand how attackers move, operate, and conduct their attacks. Designed to look at attacks from the attacker's perspective, it catalogs the attack lifecycle of different adversaries and the platforms they choose to target, all based on real-world observations. |
Tool
|
|
★★
|
 |
2023-01-03 17:01:06 |
How Netflix Learned Cloud Security [ML B-Side] (direct link) |
2011 was a pivotal year for Netflix: the now hugely successful company was then in the midst of a formidable transformation, changing from a mail-based DVD rental service to the modern streaming service that it is today. It was at this crucial point in the company's history that Jason Chan, our guest in this episode, was hired by Netflix to lay the foundations for its cloud security protocols. Nate Nelson, our Sr. Producer, spoke with Jason about the decade he spent at the company, what he learned during his tenure there, and the ideas that took shape at that time, such as Chaos Engineering.
|
|
|
★★
|
 |
2022-12-19 21:40:03 |
Malicious Life Podcast: Fred Cohen, The Godfather of Computer Viruses [ML B-Side] (direct link) |
In his 1984 seminal paper - Computer Viruses: Theory and Experiments - Dr. Fred Cohen not only introduced the name 'computer virus', a term invented by his mentor, Leonard Adelman, but was also the first to analyze computer viruses in a rigorous mathematical way, proving that computer viruses were not only practical - but that they were in fact inevitable. Nate Nelson, our Sr. producer, spoke with Dr. Cohen about his early research into computer viruses, his work with the US army, the panicky response from the US government - and the parallels between computer viruses and mental viruses - i.e. memes. |
|
|
★★
|
 |
2022-12-14 13:40:44 |
(Déjà vu) Royal Rumble: Analysis of Royal Ransomware (direct link) |
The Royal ransomware group emerged in early 2022 and has gained momentum since the middle of the year. Its ransomware, which the group deploys through different TTPs, has impacted multiple organizations across the globe. The group itself is suspected of consisting of former members of other ransomware groups, based on similarities researchers have observed between Royal ransomware and other ransomware operators. |
Ransomware
|
|
★★★
|
 |
2022-12-13 19:44:39 |
Case Study: How Cybereason MDR Improved Olist's Triage & Response Time (direct link) |
Olist, a Brazilian e-commerce marketplace integrator, is one of the fastest-growing eCommerce platforms in the world. Last year, for example, it closed four acquisitions and tripled in size. Today, it is rapidly expanding beyond Brazil. |
|
|
★★
|
 |
2022-12-13 17:30:00 |
Malicious Life Podcast: Thamar Reservoir (direct link) |
Thamar Gindin is an Israeli scholar whose research focuses on the Persian language. For the past seven years (at least) Thamar has been a target for an endless stream of spear-phishing attempts by the Iranian regime, trying to take over her email account and lure her away from her country's borders. Her family, friends, and colleagues have also suffered numerous attacks. So, how does it feel to live for years with a virtual target mark on your back?…
|
|
|
★★
|
 |
2022-12-12 11:00:00 |
Ransomware: Which Industries Are Most Likely to Pay (direct link) |
A recent study by Cybereason, Ransomware: The True Cost to Business 2022, revealed that 73% of respondents had experienced a ransomware attack in the last 24 months. Of those respondents, 28% said their organizations paid the ransom. A separate survey of cybersecurity leaders conducted by WSJ Pro Research found that 42.5% of respondents said they would consider paying a ransom. |
Ransomware
Guideline
|
|
★★★★
|
 |
2022-12-07 12:00:00 |
What Healthcare CISOs Can Do Differently to Fight Ransomware (direct link) |
Ransomware attacks cost the healthcare industry over $20 billion in 2020 and show no sign of slowing down. “The current outlook is terrible,” says Israel Barak, CISO of Cybereason. “We are seeing the industry experience an extremely sharp increase in both the quantity and level of sophistication of these attacks.” |
Ransomware
|
|
★★★
|
 |
2022-12-06 19:48:35 |
The Problem With Kernel-Mode Anti-Cheat Software [ML B-Side] (direct link) |
Nobody likes cheaters, especially in video games: we play games to have fun, and nothing hurts the joy of playing a good game more than losing to a cheater. That is why EA is not the only publisher to implement kernel-mode anti-cheat software in their games: League of Legends and Valorant, for example, use similar software. Yet some people warn that installing such kernel-level systems is extremely dangerous. So, what's the problem with kernel-mode anti-cheat software? |
|
|
★★★
|
 |
2022-12-05 06:00:00 |
Threat Analysis: MSI - Masquerading as a Software Installer (direct link) |
|
Threat
|
|
★★★
|
 |
2022-12-02 13:00:00 |
FBI, CISA Issue Warning on Cuba Ransomware (direct link) |
|
Ransomware
|
|
★★★
|